Abstract

Deception plays a critical role in the financial industry, online markets,
national defense, and countless other areas. Understanding and harnessing
deception - especially in cyberspace - is both crucial and difficult. Recent
work in this area has used game theory to study the roles of incentives and
rational behavior. Building upon this work, we employ a game-theoretic model
for the purpose of mechanism design. Specifically, we study a defensive use
of deception: implementation of honeypots for network defense. How does the
design problem change when an adversary develops the ability to detect
honeypots?

We analyze two models: cheap-talk games and an augmented version of those
games that we call cheap-talk games with evidence, in which the receiver can
detect deception with some probability. Our first contribution is this new
model for deceptive interactions. We show that the model includes traditional
signaling games and complete information games as special cases. We also
demonstrate numerically that deception detection sometimes eliminates
pure-strategy equilibria. Finally, we present the surprising result that the
utility of a deceptive defender can sometimes increase when an adversary
develops the ability to detect deception. These results apply concretely to
network defense. They are also general enough for the large and critical body
of strategic interactions that involve deception.

1 Introduction

Deception has always garnered attention in popular culture, from the
deception that planted a seed of anguish in Shakespeare’s Macbeth to the
deception that drew viewers to the more contemporary television series Lie
to Me. Our human experience seems to be permeated by deception, which may
even be engrained into human beings via evolutionary factors BE). Yet humans
are famously bad at detecting deception Pi- An impressive body of research
aims to improve these rates, especially in interpersonal situations. Many
investigations involve leading subjects to experience an event or recall a
piece of information and then asking them to lie about it laEiE]. Researchers
have shown that some techniques can aid in detecting lies - such as asking
a suspect to recall events in reverse order [3], asking her to maintain eye
contact jni, asking unexpected questions or strategically using evidence j?].
Clearly, detecting interpersonal deception is still an active area of research.

While understanding interpersonal deception is difficult, studying deception
in cyberspace has its own set of unique challenges. In cyberspace, information
can lack permanence, typical cues to deception found in physical space can
be missing, and it can be difficult to impute responsibility [H]. Consider, for
example, the problem of identifying deceptive opinion spam in online markets.
Deceptive opinion spam consists of comments made about products or
services by actors posing as customers, when they are actually representing
the interests of the company concerned or its competitors. The research
challenge is to separate comments made by genuine customers from those made
by self-interested actors posing as customers. This is difficult for humans to
do unaided; two out of three human judges in [9] failed to perform
significantly better than chance. To solve this problem, the authors of [9] make
use of approaches including a tool called the Linguistic Inquiry Word Count,
an approach based on the frequency distribution of part-of-speech tags, and
a third approach which uses a classification based on n-grams. This highlights
the importance of an interdisciplinary approach to studying deception,
especially in cyberspace.

Although an interdisciplinary approach to studying deception offers important
insights, the challenge remains of putting it to work in a quantitative
framework. In behavioral deception experiments, for instance, the incentives
to lie are also often poorly controlled, in the sense that subjects may simply
be instructed to lie or to tell the truth nm. This prohibits a natural
setting in which subjects could make free choices. These studies also cannot
make precise mathematical predictions about the effect of deception or
deception-detecting techniques uni. Understanding deception in a quantitative
framework could help to give results rigor and predictability.

To achieve this rigor and predictability, we analyze deception through
the framework of game theory. This framework allows making quantitative,
verifiable predictions, and enables the study of situations involving free
choice (the option to deceive or not to deceive) and well-defined incentives
m. Specifically, the area of incomplete information games allows modeling
the information asymmetry that forms part and parcel of deception. In a
signaling game, a sender observes a piece of private information and
communicates a message to a receiver, who chooses an action. The receiver’s best
action depends on his belief about the private information of the sender. But
the sender may use strategies in which he conveys or does not convey this
private information. It is natural to make connections between the signaling
game terminology of pooling, separating, and partially-separating equilibria
and deceptive, truthful, and partially-truthful behavior. Thus, game theory
provides a suitable framework for studying deception.

Beyond analyzing equilibria, we also want to design solutions that control
the environment in which deception takes place. This calls for the reverse
game theory perspective of mechanism design. In mechanism design, exogenous
factors are manipulated in order to design the outcome of a game. In
signaling games, these solutions might seek to obtain target utilities or a
desired level of information communication. If the deceiver in the signaling
game has the role of an adversary - for problems in security or privacy, for
example - a defender often wants to design methods to limit the amount of
deception. But defenders may also use deception to their advantage. In this
case, it is the adversary who may try to implement mechanisms to mitigate
the effects of the deception. A more general mechanism design perspective for
signaling games could consider other ways of manipulating the environment,
such as feedback and observation (Fig. 1.1).

Figure 1.1: A general framework for mechanism design. Manipulating the
environment in which deception takes place in a signaling game could include
adding additional blocks as well as manipulating exogenous parameters of
the game. In general, type m can be manipulated by input from a controller
before reaching the sender. The controller can rely on an observer to estimate
unknown states. In this paper, we specifically study the role of a detector,
which compares type to message and emits evidence for deception.


In this paper, we study deception in two different frameworks. The first
framework is a typical game of costless communication between a sender and
receiver known as cheap-talk. In the second framework, we add the element of
deception detection, forming a game of cheap-talk with evidence. This latter
model includes a move by nature after the action of the sender, which yields
evidence for deception with some probability. In order to provide a concrete
example, we consider a specific use of deception for defense, and the
employment of antideceptive techniques by an attacker. In this scenario, a defender
uses honeypots disguised as normal systems to protect a network, and an
adversary implements honeypot detection in order to strike back against this
deception. We give an example of how an adversary might obtain evidence
for deception through a timing classification known as fuzzy benchmarking.
Finally, we show how network defenders need to bolster their capabilities in
order to maintain the same results in the face of honeypot detection. This
mechanism design approach reverses the mappings from adversary power to
evidence detection and evidence detection to game outcome. Although we
apply it to a specific research problem, our approach is quite general and
can be used in deceptive interactions in both interpersonal deception and
deception in cyber security. Our main contributions include 1) developing
a model for signaling games with deception detection, and analyzing how
this model includes traditional signaling games and complete information
games as special cases, 2) demonstrating that the ability to detect deception
causes pure strategy equilibria to disappear under certain conditions, and 3)
showing that deception detection by an adversary could actually increase the
utility obtained by a network defender. These results have specific
implications for network defense through honeypot deployment, but can be applied
to a large class of strategic interactions involving deception in both physical
and cyberspace.

The rest of the paper proceeds as follows. Section reviews cheap-talk 
signaling games and the solution concept of perfect Bayesian Nash equilibrium.
We use this framework to analyze the honeypot scenario in Section
Section 1^ adds the element of deception detection to the signaling game. We 
describe an example of how this detection might be implemented in Section 
1^ Then we analyze the resulting game in section In Section we discuss 
a case study in which a network defender needs to change in order to respond 
to the advent of honeypot detection. We review related work in Section 
and conclude the paper in Section 

2 Cheap-Talk Signaling Games 

In this section, we review the concept of signaling games, a class of two-player, 
dynamic, incomplete information games. The information asymmetry and 
dynamic nature of these games captures the essence of deception, and the 
notion of separating, pooling, or partially-separating equilibria can be related 
to truthful, deceptive, or partially-truthful behavior. 

2.1 Game Model 

Our model consists of a signaling game in which the types, messages, and
actions are taken from discrete sets with two elements. Call this two-player,
incomplete information game $\mathcal{G}$. In $\mathcal{G}$, a sender, $S$,
observes a type $m \in M = \{0,1\}$ drawn with probabilities $p(0)$ and
$p(1) = 1 - p(0)$. He then sends a message, $n \in N = \{0,1\}$, to the
receiver, $R$. After observing the message (but not the type), $R$ plays an
action $y \in Y = \{0,1\}$. The flow of information between sender and
receiver is depicted in Fig. 2.1. Let $u^S(y, m)$ and $u^R(y, m)$ be the
utility obtained by $S$ and $R$, respectively, when the type is $m$ and the
receiver plays action $y$. Notice that the utilities are not directly
dependent on the message, $n$; hence the description of this model as a
“cheap-talk” game.

Figure 2.1: Block diagram of a signaling game with two discrete types,
messages, and actions.

The sender’s strategy consists of playing a message $n$, after observing
a type $m$, with probability $\sigma_S(n \mid m)$. The receiver’s strategy
consists of playing an action $y$, after observing a message $n$, with
probability $\sigma_R(y \mid n)$. Denote the sets of all such strategies as
$\Gamma^S$ and $\Gamma^R$. Define expected utilities for the sender and
receiver as $U^S : \Gamma^S \times \Gamma^R \to \mathbb{R}$ and
$U^R : \Gamma^S \times \Gamma^R \to \mathbb{R}$, such that
$U^S(\sigma_S, \sigma_R)$ and $U^R(\sigma_S, \sigma_R)$ are the expected
utilities for the sender and receiver, respectively, when the sender and
receiver play according to the strategy profile $(\sigma_S, \sigma_R)$.
Finally, define $U^S : \Gamma^S \times \Gamma^R \times M \to \mathbb{R}$ and
$U^R : \Gamma^R \times M \times N \to \mathbb{R}$ such that
$U^S(\sigma_S, \sigma_R, m)$ gives the expected utility for $S$ for playing
$\sigma_S$ when $R$ plays $\sigma_R$ and the type is $m$, and
$U^R(\sigma_R, m, n)$ gives the expected utility for $R$ for playing
$\sigma_R$ when the type is $m$ and she observes message $n$.


2.2 Perfect Bayesian Nash Equilibrium 

We now review the concept of Perfect Bayesian Nash equilibrium, the natural 
extension of subgame perfection to games of incomplete information. 

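A Perfect Bayesian Nash equilibrium (see HU) of signaling game $\mathcal{G}$
is a strategy profile $(\sigma_S, \sigma_R)$ and posterior beliefs
$\mu_R(m \mid n)$ of the receiver about the sender such that

$$\forall m \in M, \quad \sigma_S \in \arg\max_{\bar{\sigma}_S \in \Gamma^S} U^S(\bar{\sigma}_S, \sigma_R, m), \tag{2.1}$$

$$\forall n \in N, \quad \sigma_R \in \arg\max_{\bar{\sigma}_R \in \Gamma^R} \sum_{\bar{m} \in M} \mu_R(\bar{m} \mid n)\, U^R(\bar{\sigma}_R, \bar{m}, n), \tag{2.2}$$

$$\mu_R(m \mid n) =
\begin{cases}
\dfrac{\sigma_S(n \mid m)\, p(m)}{\sum_{\bar{m} \in M} \sigma_S(n \mid \bar{m})\, p(\bar{m})}, & \text{if } \sum_{\bar{m} \in M} \sigma_S(n \mid \bar{m})\, p(\bar{m}) > 0 \\
\text{any distribution on } M, & \text{if } \sum_{\bar{m} \in M} \sigma_S(n \mid \bar{m})\, p(\bar{m}) = 0
\end{cases} \tag{2.3}$$

Eq. 2.1 requires S to maximize his expected utility for the strategy played
by R for all types m. The second equation requires that, for all messages
n, R maximizes his expected utility against the strategy played by S given
his beliefs. Finally, Eq. 2.3 requires the beliefs of R about the type to be
consistent with the strategy played by S, using Bayes’ Law to update his
prior belief according to S’s strategy.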


3 Analysis of Deceptive Conflict Using Signaling Games

In this section, we describe an example of deception in cyber security using
signaling games. These types of models have been used, for instance, in
ini Dsi m [13]. We give results here primarily in order to show how the
results change after we add the factor of evidence emission in Section

Consider a game $\mathcal{G}_{honey}$, in which a defender uses honeypots to
protect a network of computers. We consider a model and parameters from [12],
with some adaptations. In this game, the ratio of normal systems to honeypots
is considered fixed. Based on this ratio, nature assigns a type - normal system
or honeypot - to each system in the network. The sender is the network
defender, who can choose to reveal the type of each system or disguise the
systems. He can disguise honeypots as normal systems and disguise normal
systems as honeypots. The message is thus the network defender’s portrayal
of the system. The receiver in this game is the attacker, who observes the
defender’s portrayal of the system but not the actual type of the system.
He forms a belief about the actual type of the system given the sender’s
message, and then chooses an action: attack or withdraw.^ Table 1 gives the
parameters of $\mathcal{G}_{honey}$, and the extensive form of
$\mathcal{G}_{honey}$ is given in Fig. 3.1.

^In the model description in m, the attacker also has an option to condition his attack
on testing the system. We omit this option, because we will consider the option to test
the system through a different approach in the signaling game with evidence emission in
Section

Table 1: Parameters of $\mathcal{G}_{honey}$. M.S. signifies Mixed Strategy.

Parameter Symbol        Meaning
$S$                     Network defender
$R$                     Network attacker
$m \in \{0,1\}$         Type of system (0: normal; 1: honeypot)
$n \in \{0,1\}$         Defender description of system (0: normal; 1: honeypot)
$y \in \{0,1\}$         Attacker action (0: withdraw; 1: attack)
$p(m)$                  Prior probability of type $m$
$\sigma_S(n \mid m)$    Sender M.S. prob. of describing type $m$ as $n$
$\sigma_R(y \mid n)$    Receiver M.S. prob. of action $y$ given description $n$
$v_o$                   Defender benefit of observing attack on honeypot
$v_g$                   Defender benefit of avoiding attack on normal system
$-c_c$                  Defender cost of normal system being compromised
$v_a$                   Attacker benefit of compromising normal system
$-c_a$                  Attacker cost of attack on any type of system
$-c_o$                  Attacker additional cost of attacking honeypot


We have used the game theory software Gambit [16] for this illustration, as
well as for simulating the results of games later in the paper.

In order to characterize the equilibria of $\mathcal{G}_{honey}$, define two
constants: $CB_0^R$ and $CB_1^R$. Let $CB_0^R$ give the relative benefit to R
for playing attack ($y = 1$) compared to playing withdraw ($y = 0$) when the
system is a normal system ($m = 0$), and let $CB_1^R$ give the relative
benefit to R for playing withdraw compared to playing attack when the system
is a honeypot ($m = 1$). These constants are defined by Eq. 3.1 and Eq. 3.2.

$$CB_0^R = u^R(1, 0) - u^R(0, 0) \tag{3.1}$$

$$CB_1^R = u^R(0, 1) - u^R(1, 1) \tag{3.2}$$

We now find the pure-strategy separating and pooling equilibria of
$\mathcal{G}_{honey}$.

Theorem 1. The equilibria of $\mathcal{G}_{honey}$ differ in form in three
parameter regions:

• Attack-favorable: $p(0)\, CB_0^R > (1 - p(0))\, CB_1^R$

• Defend-favorable: $p(0)\, CB_0^R < (1 - p(0))\, CB_1^R$

• Neither-favorable: $p(0)\, CB_0^R = (1 - p(0))\, CB_1^R$

Figure 3.1: Extensive form of $\mathcal{G}_{honey}$, a game in which defender
S chooses whether to disguise systems in a network of computers, and an
attacker R attempts to gain from compromising normal systems but withdrawing
from honeypots. Note that the type m is determined by a chance move. Leaf
payoff labels recoverable from the figure, written as (defender, attacker):
$(v_o, -c_o - c_a)$, $(0, 0)$, $(-c_c, v_a - c_a)$, $(v_g, 0)$.

In attack-favorable, $p(0)\, CB_0^R > (1 - p(0))\, CB_1^R$, meaning loosely
that the relative benefit to the receiver for attacking normal systems is
greater than the relative loss to the receiver for attacking honeypots. In
defend-favorable, $p(0)\, CB_0^R < (1 - p(0))\, CB_1^R$, meaning that the
relative loss for attacking honeypots is greater than the relative benefit
from attacking normal systems. In neither-favorable,
$p(0)\, CB_0^R = (1 - p(0))\, CB_1^R$. We omit analysis of the
neither-favorable region because it only arises with exact equality in the
game parameters.

3.1 Separating Equilibria 

In separating equilibria, the sender plays different pure strategies for each
type that he observes. Thus, he completely reveals the truth. The attacker
R in $\mathcal{G}_{honey}$ wants to attack normal systems but withdraw from
honeypots. The defender S wants the opposite: that the attacker attack
honeypots and withdraw from normal systems. Thus, Theorem 2 should come as no
surprise.

Theorem 2. No separating equilibria exist in $\mathcal{G}_{honey}$.

3.2 Pooling Equilibria

In pooling equilibria, the sender plays the same strategies for each type.
This is deceptive behavior because the sender’s messages do not convey the
type that he observes. The receiver relies only on prior beliefs about the
distribution of types in order to choose his action. Theorem 3 gives the
pooling equilibria of $\mathcal{G}_{honey}$ in the attack-favorable region.

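Theorem 3. $\mathcal{G}_{honey}$ supports the following pure strategy pooling
equilibria in the attack-favorable parameter region:

$$\forall m \in M, \quad \sigma_S(1 \mid m) = 1, \tag{3.3}$$

$$\forall n \in N, \quad \sigma_R(1 \mid n) = 1, \tag{3.4}$$

$$\mu_R(1 \mid 0) < \frac{CB_0^R}{CB_0^R + CB_1^R}, \quad \mu_R(1 \mid 1) = p(1), \tag{3.5}$$

and

$$\forall m \in M, \quad \sigma_S(1 \mid m) = 0, \tag{3.6}$$

$$\forall n \in N, \quad \sigma_R(1 \mid n) = 1, \tag{3.7}$$

$$\mu_R(1 \mid 0) = p(1), \quad \mu_R(1 \mid 1) < \frac{CB_0^R}{CB_0^R + CB_1^R}, \tag{3.8}$$

both with expected utilities given by

$$U^S(\sigma_S, \sigma_R) = u^S(1, 1) - p(0)\left(u^S(1, 1) - u^S(1, 0)\right), \tag{3.9}$$

$$U^R(\sigma_S, \sigma_R) = u^R(1, 1) - p(0)\left(u^R(1, 1) - u^R(1, 0)\right). \tag{3.10}$$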

Similarly, Theorem 4 gives the pooling equilibria of $\mathcal{G}_{honey}$ in
the defend-favorable region.

Theorem 4. $\mathcal{G}_{honey}$ supports the following pure strategy pooling
equilibria in the defend-favorable parameter region:

$$\forall m \in M, \quad \sigma_S(1 \mid m) = 1, \tag{3.11}$$

$$\forall n \in N, \quad \sigma_R(1 \mid n) = 0, \tag{3.12}$$

$$\mu_R(1 \mid 0) > \frac{CB_0^R}{CB_0^R + CB_1^R}, \quad \mu_R(1 \mid 1) = p(1), \tag{3.13}$$

and

$$\forall m \in M, \quad \sigma_S(1 \mid m) = 0, \tag{3.14}$$

$$\forall n \in N, \quad \sigma_R(1 \mid n) = 0, \tag{3.15}$$

$$\mu_R(1 \mid 0) = p(1), \quad \mu_R(1 \mid 1) > \frac{CB_0^R}{CB_0^R + CB_1^R}, \tag{3.16}$$

both with expected utilities given by

$$U^S(\sigma_S, \sigma_R) = p(0)\left(u^S(0, 0) - u^S(0, 1)\right) + u^S(0, 1), \tag{3.17}$$

$$U^R(\sigma_S, \sigma_R) = p(0)\left(u^R(0, 0) - u^R(0, 1)\right) + u^R(0, 1). \tag{3.18}$$

In both cases, it is irrelevant whether the defender always sends 1 or
always sends 0 (always describes systems as honeypots or always describes
systems as normal systems); the effect is that the attacker ignores the
description. In the attack-favorable region, the attacker always attacks. In the
defend-favorable region, the attacker always withdraws.


3.3 Discussion of $\mathcal{G}_{honey}$ Equilibria

We will discuss these equilibria more when we compare them with the
equilibria of the game with evidence emission. Still, we note one aspect of the
equilibria here. At $p(0)\, CB_0^R = (1 - p(0))\, CB_1^R$, the expected
utility is continuous for the receiver, but not for the sender. As shown in
Fig. 3.2, the sender’s (network defender’s) utility sharply improves if he
transitions from having $p(0)\, CB_0^R > (1 - p(0))\, CB_1^R$ to
$p(0)\, CB_0^R < (1 - p(0))\, CB_1^R$, i.e. from having 40% honeypots to
having 41% honeypots. This is an obvious mechanism design consideration. We
will analyze this case further in the section on mechanism design.
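
The following is an added example, not code from the paper: it enumerates every pure-strategy profile of the honeypot cheap-talk game and keeps those satisfying Eqs. 2.1-2.3, which reproduces Theorems 2-4 and the jump in defender utility discussed above. The payoff values are constructed, the assignment of payoffs to outcomes follows the meanings in Table 1 (an assumption), and all function names are hypothetical.

```python
from fractions import Fraction as F
from itertools import product

# Constructed payoff values (not the paper's); symbols follow Table 1.
V_O, V_G, C_C = F(5), F(1), F(10)   # defender side
V_A, C_A, C_O = F(5), F(1), F(5)    # attacker side

# u[y][m]: y = 0 withdraw / 1 attack, m = 0 normal / 1 honeypot.
# Assumed mapping: attack on honeypot -> (v_o, -c_a - c_o), and so on.
U_S = [[V_G, F(0)], [-C_C, V_O]]
U_R = [[F(0), F(0)], [V_A - C_A, -C_A - C_O]]


def threshold():
    """Belief P(honeypot) at which the attacker is indifferent."""
    cb0 = U_R[1][0] - U_R[0][0]          # Eq. 3.1
    cb1 = U_R[0][1] - U_R[1][1]          # Eq. 3.2
    return cb0 / (cb0 + cb1)


def receiver_ev(mu1, y):
    """Attacker's expected utility of action y under belief P(honeypot) = mu1."""
    return (1 - mu1) * U_R[y][0] + mu1 * U_R[y][1]


def optimal(mu1, y):
    return receiver_ev(mu1, y) >= receiver_ev(mu1, 1 - y)


def pure_pbne(p1):
    """All pure-strategy PBNE (s, r) for prior P(honeypot) = p1.

    s[m] is the message sent by type m; r[n] is the action after message n.
    """
    prior = [1 - p1, p1]
    found = []
    for s in product((0, 1), repeat=2):
        for r in product((0, 1), repeat=2):
            # Eq. 2.1: no type gains by sending the other message.
            if any(U_S[r[1 - s[m]]][m] > U_S[r[s[m]]][m] for m in (0, 1)):
                continue
            consistent = True
            for n in (0, 1):
                mass = sum(prior[m] for m in (0, 1) if s[m] == n)
                if mass > 0:
                    # On path: Bayes' rule (Eq. 2.3), then Eq. 2.2.
                    mu1 = (prior[1] if s[1] == n else 0) / mass
                    consistent &= optimal(mu1, r[n])
                else:
                    # Off path any belief is allowed; expected utility is
                    # linear in the belief, so the endpoints decide.
                    consistent &= optimal(F(0), r[n]) or optimal(F(1), r[n])
            if consistent:
                found.append((s, r))
    return found


def defender_utility(p1, s, r):
    """Defender's expected utility under pure profile (s, r)."""
    return sum(p * U_S[r[s[m]]][m] for m, p in enumerate((1 - p1, p1)))


if __name__ == "__main__":
    print("indifference belief:", threshold())
    for p1 in (F(39, 100), F(41, 100)):
        for s, r in pure_pbne(p1):
            print(p1, s, r, defender_utility(p1, s, r))
```

With these constructed payoffs the attacker's indifference belief is 2/5, so moving the honeypot fraction from 39% to 41% switches the only equilibria from always-attack pooling to always-withdraw pooling.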


4 Cheap-Talk Signaling Games with Evidence 

In Section we used a typical signaling game to model deception in
cyberspace (in $\mathcal{G}_{honey}$). In this section, we add to this game
the possibility that the sender gives away evidence of deception.

In a standard signaling game, the receiver’s belief about the type is based
only on the messages that the sender communicates and his prior belief.
In many deceptive interactions, however, there is some probability that the
sender gives off evidence of deceptive behavior. In this case, the receiver’s
beliefs about the sender’s private information may be updated both based
upon the message of the sender and by evidence of deception.

Figure 3.2: Expected Utilities versus Fraction of Normal Systems in Network.

4.1 Game Model 

Let $\mathcal{G}^{evidence}$ denote a signaling game with belief updating
based both on sender message and on evidence of deception. This game consists
of four steps, in which step 3 is new:

1. Sender, $S$, observes type, $m \in M = \{0,1\}$.

2. $S$ communicates a message, $n \in N = \{0,1\}$, chosen according to a
strategy $\sigma_S(n \mid m) \in \Gamma^S = \Delta N$ based on the type $m$
that he observes.

3. $S$ emits evidence, $e \in E = \{0,1\}$, with probability
$\lambda(e \mid m, n)$. Signal $e = 1$ represents evidence of deception and
$e = 0$ represents no evidence of deception.

4. Receiver $R$ responds with an action, $y \in Y = \{0,1\}$, chosen according
to a strategy $\sigma_R(y \mid n, e) \in \Gamma^R = \Delta Y$ based on the
message $n$ that he receives and evidence $e$ that he observes.

5. $S$, $R$ receive $u^S(y, m)$, $u^R(y, m)$.

Figure 4.1: Block diagram of a signaling game with evidence emission.

Evidence $e$ is another signal that is available to $R$, in addition to the
message $n$. This signal could come, e.g., from a detector, which generates
evidence with a probability that is a function of $m$ and $n$. The detector
implements the function $\lambda(e \mid m, n)$. We depict this view of the
signaling game with evidence emission in Fig. 4.1. We assume that
$\lambda(e \mid m, n)$ is common knowledge to both the sender and receiver.
Since evidence is emitted with some probability, we model this as a move by a
“chance” player, just as we model the random selection of the type at the
beginning of the game as a move by a chance player. The outcome of the new
chance move will be used by $R$ together with his observation of $S$'s action
to formulate his belief about the type $m$. We describe this belief updating
in the next section.


4.2 Two-step Bayesian Updating 

Bayesian updating is a two-step process, in which the receiver first updates
his belief about the type based on the observed message of the sender, and
then updates his belief a second time based on the evidence emitted. The
following steps formulate the update process.

1. $R$ observes $S$'s action. He computes belief $\mu_R(m \mid n)$ based on
the prior likelihoods $p(m)$ of each type and $S$'s message $n$ according to
Eq. 2.3, which we rewrite here in Eq. 4.1.

$$\mu_R(m \mid n) =
\begin{cases}
\dfrac{\sigma_S(n \mid m)\, p(m)}{\sum_{\bar{m} \in M} \sigma_S(n \mid \bar{m})\, p(\bar{m})}, & \text{if } \sum_{\bar{m} \in M} \sigma_S(n \mid \bar{m})\, p(\bar{m}) > 0 \\
\text{any distribution on } M, & \text{if } \sum_{\bar{m} \in M} \sigma_S(n \mid \bar{m})\, p(\bar{m}) = 0
\end{cases} \tag{4.1}$$

2. $R$ computes a new belief based on the evidence emitted. The prior
belief in this second step is given by $\mu_R(m \mid n)$ obtained in the first
step. The conditional probability of emitting evidence $e$ when the type
is $m$ and the sender communicates message $n$ is $\lambda(e \mid m, n)$.
Thus, the receiver updates his belief in this second step according to

$$\mu_R(m \mid n, e) =
\begin{cases}
\dfrac{\lambda(e \mid m, n)\, \mu_R(m \mid n)}{\sum_{\bar{m} \in M} \lambda(e \mid \bar{m}, n)\, \mu_R(\bar{m} \mid n)}, & \text{if } \sum_{\bar{m} \in M} \lambda(e \mid \bar{m}, n)\, \mu_R(\bar{m} \mid n) > 0 \\
\text{any distribution on } M, & \text{if } \sum_{\bar{m} \in M} \lambda(e \mid \bar{m}, n)\, \mu_R(\bar{m} \mid n) = 0
\end{cases} \tag{4.2}$$

Having formulated the belief updating rules, we now give the conditions for
a Perfect Bayesian Nash equilibrium in our signaling game with evidence
emission.


4.3 Perfect Bayesian Nash Equilibrium in Signaling Game 
with Evidence 


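The conditions for a Perfect Bayesian Nash Equilibrium of our augmented
game are the same as those for the original signaling game, except that the
belief update includes the use of emitted evidence. Here, however, we must
also define a new utility function for $R$ that takes expectation conditional
upon $e$ in addition to $n$. Define this utility function by
$U^R : \Gamma^R \times M \times N \times E \to \mathbb{R}$ such that
$U^R(\sigma_R, m, n, e)$ gives the expected utility for $R$ for playing
$\sigma_R$ when the type is $m$ and she observes message $n$ and evidence $e$.

Definition 1. A perfect Bayesian Nash equilibrium of the game
$\mathcal{G}^{evidence}$ is a strategy profile $(\sigma_S, \sigma_R)$ and
posterior beliefs $\mu_R(m \mid n, e)$, such that the system given by Eq. 4.3
through Eq. 4.6 is simultaneously satisfied.

$$\forall m \in M, \quad \sigma_S \in \arg\max_{\bar{\sigma}_S \in \Gamma^S} U^S(\bar{\sigma}_S, \sigma_R, m) \tag{4.3}$$

$$\forall n \in N,\ \forall e \in E, \quad \sigma_R \in \arg\max_{\bar{\sigma}_R \in \Gamma^R} \sum_{\bar{m} \in M} \mu_R(\bar{m} \mid n, e)\, U^R(\bar{\sigma}_R, \bar{m}, n, e) \tag{4.4}$$

$$\forall n \in N, \quad \mu_R(m \mid n) =
\begin{cases}
\dfrac{\sigma_S(n \mid m)\, p(m)}{\sum_{\bar{m} \in M} \sigma_S(n \mid \bar{m})\, p(\bar{m})}, & \text{if } \sum_{\bar{m} \in M} \sigma_S(n \mid \bar{m})\, p(\bar{m}) > 0 \\
\text{any distribution on } M, & \text{if } \sum_{\bar{m} \in M} \sigma_S(n \mid \bar{m})\, p(\bar{m}) = 0
\end{cases} \tag{4.5}$$

$$\forall n \in N,\ \forall e \in E, \quad \mu_R(m \mid n, e) =
\begin{cases}
\dfrac{\lambda(e \mid m, n)\, \mu_R(m \mid n)}{\sum_{\bar{m} \in M} \lambda(e \mid \bar{m}, n)\, \mu_R(\bar{m} \mid n)}, & \text{if } \sum_{\bar{m} \in M} \lambda(e \mid \bar{m}, n)\, \mu_R(\bar{m} \mid n) > 0 \\
\text{any distribution on } M, & \text{if } \sum_{\bar{m} \in M} \lambda(e \mid \bar{m}, n)\, \mu_R(\bar{m} \mid n) = 0
\end{cases} \tag{4.6}$$

Again, the first two definitions require the sender and receiver to maximize
their expected utilities. The third and fourth equations require belief
consistency in terms of Bayes’ Law.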


5 Deception Detection Example in Network Defense

Consider again our example of deception in cyberspace in which a defender
protects a network of computer systems using honeypots. The defender has
the ability to disguise normal systems as honeypots and honeypots as normal
systems. In Section we modeled this deception as if it were possible for
the defender to disguise the systems without any evidence of deception. In
reality, attackers may try to detect honeypots. For example, send-safe.com's
“Honeypot Hunter” [17] checks lists of HTTPS and SOCKS proxies and outputs
text files of valid proxies, failed proxies, and honeypots. It performs a
set of tests which include opening a false mail server on the local system to
test the proxy connection, connecting to the proxy port, and attempting to
proxy back to its false mail server [18].

Another approach to detecting honeypots is based on timing. [19] used a
process termed fuzzy benchmarking in order to classify systems as real
machines or virtual machines, which could be used e.g., as honeypots. In this
process, the authors run a set of instructions which yield different timing
results on different host hardware architectures in order to learn more about
the hardware of the host system. Then, they run a loop of control modifying
CPU instructions (read and write control register 3, which induces a
translation lookaside buffer flush) that results in increased run-time on a virtual
machine compared to a real machine. The degree to which the run-times
are different between the real and virtual machines depends on the number
of sensitive instructions in the loop. The goal is to run enough sensitive
instructions to make the divergence in run-time - even in the presence of
internet noise - large enough to reliably classify the system using a timing
threshold. They do not identify limits to the number of sensitive instructions
to run, but we can imagine that the honeypot detector might itself want to
go undetected by the honeypot and so might want to limit the number of
instructions.

Although they do not recount the statistical details, such an approach
could result in a classification problem which can only be accomplished
successfully with some probability. In Fig. 5.1, $t$ represents the execution time
of the fuzzy benchmarking code. The curve $f_0(t)$ represents the probability
density function for execution time for normal systems ($m = 0$), and the
curve $f_1(t)$ represents the probability density function for execution time
for virtual machines ($m = 1$). The execution time represents a threshold time
used to classify the system under test. Let $A_{R_i}$, $i \in \{1, 2, 3, 4\}$,
denote the area under regions $R_1$ through $R_4$. We have defined
$\lambda(e \mid m, n)$ to be the likelihood with which a system of type $m$
represented as a system of type $n$ gives off evidence for deception $e$
(where $e = 1$ represents evidence for deception and $e = 0$ represents
evidence for truth-telling). A virtual machine disguised as a normal system
may give off evidence for deception, in this case in terms of the run-time of
fuzzy benchmarking code. We would then have that

$$\lambda(1 \mid 1, 0) = A_{R_3} + A_{R_4}, \qquad \lambda(0 \mid 1, 0) = A_{R_2} = 1 - \left(A_{R_3} + A_{R_4}\right). \tag{5.1}$$

If the system under test were actually a normal system, then the same 
test could result in some likelihood of a false-positive result for deception. 
Then, we would have 


A(110,0) = AR^ 

A (0 I 0,0) = ARi + AR 2 = 1 - [AR^) ■ 


(5.2) 
Figure 5.1: Classification of systems as normal or virtual (e.g. a honeypot)
based on run-time for a set of control modifying CPU instructions (based on
fuzzy benchmarking in [19]).


Let us assume that the likelihood with which one type of system masquerading
as another can be successfully detected is the same regardless of
whether it is a honeypot that is disguised as a normal system or it is a normal
system that is disguised as a honeypot. Denote this probability as
$\epsilon \in [0,1]$. Let $\delta \in [0,1]$ be defined as the likelihood of
falsely detecting deception.^ These probabilities are given by

$$\epsilon = \lambda(1 \mid m, n), \quad m \neq n, \tag{5.3}$$

$$\delta = \lambda(1 \mid m, n), \quad m = n. \tag{5.4}$$

In [19], the authors tune the number of instructions for the CPU to run in
order to sufficiently differentiate normal systems and honeypots. In this case,
$\epsilon$ and $\delta$ may relate to the number of instructions that the
detector asks the CPU to run. In general, though, the factors which influence
$\epsilon$ and $\delta$ could vary. Powerful attackers will have relatively
high $\epsilon$ and low $\delta$ compared to less powerful attackers. Next, we
study this network defense example using our model of signaling games with
evidence.

^Note that we assume that $\epsilon$ and $\delta$ are common knowledge; the defender also knows
the power of the adversary.
Figure 6.1: Extensive form depiction of $\mathcal{G}_{honey}^{evidence}$. Note
that the type m and the evidence e are both determined by chance moves.


6 Analysis of Network Defense using Signaling 
Games with Evidence 


Figure 6.1 depicts an extensive-form of the signaling game with evidence for 
our network defense problem. Call this game [12] for a more 

detailed explanation of the meaning of the parameters.) In the extremes of 
e and 5, we will see that the game degenerates into simpler types of games. 

First, because R updates his belief based on evidence emission in a 
Bayesian manner, any situation in which 6 = e will render the evidence 
useless. The condition S = e would arise from an attacker completely pow¬ 
erless to detect deception. This is indicated in Fig. 6.2| by the region game 
without evidence, which we term IZweak to indicate an attacker with weak 
detection capability. 

Second, on the other extreme, we have the condition $\epsilon = 1$,
$\delta = 0$, which indicates that the attacker can always detect deception
and never registers false positives. Denote this region
$\mathcal{R}_{\text{Omnipotent}}$ to indicate an attacker with omnipotent
detection capability. $\mathcal{R}_{\text{Omnipotent}}$ degenerates into a
complete information game in which both S and R are able to observe the
type m.

Figure 6.2: Degenerate cases of the signaling game with evidence.

Third, we have a condition in which the attacker’s detection capability is
such that evidence guarantees deception (when $\delta = 0$ but $\epsilon$ is
not necessarily 1) and a condition in which the attacker’s power is such that
no evidence guarantees truth-telling (when $\epsilon = 1$ but $\delta$ is not
necessarily 0). We can term these two regions
$\mathcal{R}_{\text{Conservative}}$ and $\mathcal{R}_{\text{Aggressive}}$,
because the attacker never detects a false positive in
$\mathcal{R}_{\text{Conservative}}$ and never misses a sign of deception in
$\mathcal{R}_{\text{Aggressive}}$.

Finally, we have the region $\mathcal{R}_{\text{Intermediate}}$ in which the
attacker’s detection capability is powerful enough that he correctly detects
deception at a greater rate than he registers false positives, but does not
achieve $\delta = 0$ or $\epsilon = 1$. We list these attacker conditions in
Table 2. Let us examine the equilibria of the signaling game with evidence in
these different cases.

Footnote: We have defined these degenerate cases only for the case in which
$\epsilon > \delta$, i.e., evidence for deception is more likely to be emitted
when the sender lies than when he tells the truth. Mathematically, the
equilibria of the game are actually symmetric around the diagonal
$\epsilon = \delta$ in Fig. 6.2. This can be explained intuitively by
considering the evidence emitted to be “evidence for truth-revelation” in the
upper-left corner. In interpersonal deception, evidence for truth-revelation
could correlate, e.g., with the amount of spatial detail in a subject’s
account of an event.

Table 2: Attacker capabilities for degenerate cases of the signaling game with evidence

Name of Region                        Description of Region                  Parameter Values
------------------------------------  -------------------------------------  ---------------------------------
$\mathcal{R}_{\text{Weak}}$           Game without evidence                  $\delta = \epsilon$
$\mathcal{R}_{\text{Omnipotent}}$     Complete information game              $\epsilon = 1$, $\delta = 0$
$\mathcal{R}_{\text{Conservative}}$   Evidence guarantees deception          $\delta = 0$
$\mathcal{R}_{\text{Aggressive}}$     No evidence guarantees truth-telling   $\epsilon = 1$
$\mathcal{R}_{\text{Intermediate}}$   No guarantees                          $\epsilon \neq 1 > \delta \neq 0$


6.1 Equilibria for $\mathcal{R}_{\text{Weak}}$

The equilibria for $\mathcal{R}_{\text{Weak}}$ are given by our analysis of
the game without evidence ($\mathcal{G}_{\text{honey}}$) in an earlier
section. Recall that a separating equilibrium was not sustainable, while
pooling equilibria did exist. Also, the equilibrium solutions fell into two
different parameter regions. The sender’s utility was discontinuous at the
interface between parameter regions, creating an optimal proportion of normal
systems that could be included in a network while still deterring attacks.

6.2 Equilibria for $\mathcal{R}_{\text{Omnipotent}}$

For $\mathcal{R}_{\text{Omnipotent}}$, the attacker knows with certainty the
type of system (normal or honeypot) that he is facing. If the evidence
indicates that the system is a normal system, then he attacks. If the evidence
indicates that the system is a honeypot, then he withdraws. The defender’s
description is unable to disguise the type of the system. Theorem 5 gives the
equilibrium strategies and utilities.

Theorem 5. The signaling game with evidence, under adversary capabilities
$\mathcal{R}_{\text{Omnipotent}}$, supports the following equilibria:



as (m n) G T"^ 

(6,1) 


\n,e) = h " = J,VnGiV, 

11 — n, e = 0 

(6.2) 

rn (1 

n,e) = |^ ^ ^,VneV, 

n, e = 0 

(6.3)

Table 3: Sample parameters which describe

Parameter Symbol                                                       Value
---------------------------------------------------------------------  -----
$v_o$, sender utility from observing attack on honeypot                5
$v_g$, sender utility from normal system surviving                     1
$-c_c$, sender cost for compromised normal system                      -10
$-c_o - c_a$, cost due to attacker for attacking honeypot              -22
0, utility for attacker for withdrawing from any system                0
$v_a - c_a$, benefit of attacker for compromising normal system        15

with expected utilities given by 

{CTS, (Tn) = p (0) {u^ (1,0) - (0,1)) + (0,1), (6.4) 

(as, an) = p (0) {u^ (1,0) - (0,1)) + (0,1). (6.5) 

Similarly to $\mathcal{R}_{\text{Weak}}$, in $\mathcal{R}_{\text{Omnipotent}}$
the expected utilities for S and R are the same regardless of the equilibrium
strategy chosen (although the equilibrium strategy profiles are not as
interesting here because of the singular role of evidence).

Next, we analyze the equilibria in the non-degenerate cases,
$\mathcal{R}_{\text{Conservative}}$, $\mathcal{R}_{\text{Aggressive}}$, and
$\mathcal{R}_{\text{Intermediate}}$, by numerically solving for equilibria
under selected parameter settings.


6.3 Equilibria for $\mathcal{R}_{\text{Conservative}}$, $\mathcal{R}_{\text{Aggressive}}$, and $\mathcal{R}_{\text{Intermediate}}$

In an earlier section, we found analytical solutions for the equilibria of a
signaling game in which the receiver does not have the capability to detect
deception. In this section, we give results concerning signaling games in
which the receiver does have the capability to detect deception, using
illustrative examples rather than an analytical solution. To study equilibria
under the three non-degenerate cases, we choose a set of parameters for the
attacker and defender utilities (Table 3). In this model (from [12]), the
defender gains utility from maintaining normal systems that are not attacked
in the network, and also from observing attacks on honeypots. The defender
incurs a loss if a normal system is attacked. The attacker, on the other hand,
gains only from attacking a normal system; he incurs losses if he attacks a
honeypot.

Table 4: Equilibria for Selected Parameter Values in
$\mathcal{R}_{\text{Conservative}}$, $\mathcal{R}_{\text{Aggressive}}$, and
$\mathcal{R}_{\text{Intermediate}}$, when the percentage of honeypots in a
network is high, medium, and low.

Saturation   $\mathcal{R}_{\text{Weak}}$   $\mathcal{R}_{\text{Intermediate}}$, $\mathcal{R}_{\text{Conservative}}$, $\mathcal{R}_{\text{Aggressive}}$   $\mathcal{R}_{\text{Omnipotent}}$
Normal       Yes                           Yes                                                                                                      Yes
None         Yes                           None                                                                                                     Yes
Honeypot     Yes                           Yes                                                                                                      Yes


Based on these parameters, we can find the equilibrium utilities at each
terminal node of Fig. 6.1. We study examples in the attacker capability
regions of $\mathcal{R}_{\text{Conservative}}$,
$\mathcal{R}_{\text{Aggressive}}$, and $\mathcal{R}_{\text{Intermediate}}$.
For each of these attacker capabilities, we look for equilibria in pure
strategies under three different selected values for the percentage of normal
systems (compared to honeypots) that make up a network. For the high case, we
set the ratio of normal systems to total systems to be p(0) = 0.9. Denote this
case normal-saturated. For the medium case, we set p(0) = 0.6. Denote this
case non-saturated. Finally, label the low case, in which p(0) = 0.2,
honeypot-saturated. For comparison, we also include the equilibria under the
same game with no evidence emission (which corresponds to
$\mathcal{R}_{\text{Weak}}$), and the equilibria under the same game with
evidence that has a true-positive rate of 1.0 and a false-positive rate of 0
(which corresponds to $\mathcal{R}_{\text{Omnipotent}}$). In Table 4 we list
whether each parameter set yields pure strategy equilibria.

For adversary detection capabilities represented by
$\mathcal{R}_{\text{Weak}}$, we have a standard signaling game, and thus the
well-known result that a (pooling) equilibrium always exists. In
$\mathcal{R}_{\text{Omnipotent}}$, the deception detection is foolproof, and
thus the receiver knows the type with certainty. We are left with a complete
information game. Essentially, the type merely determines which Stackelberg
game the sender and receiver play. Because pure strategy equilibria always
exist in Stackelberg games, $\mathcal{R}_{\text{Omnipotent}}$ also always has
pure-strategy equilibria. The rather unintuitive result comes from
$\mathcal{R}_{\text{Intermediate}}$, $\mathcal{R}_{\text{Conservative}}$, and
$\mathcal{R}_{\text{Aggressive}}$. In these ranges, the receiver’s ability to
detect deception falls somewhere between no capability
($\mathcal{R}_{\text{Weak}}$) and perfect capability
($\mathcal{R}_{\text{Omnipotent}}$). Those regions exhibit pure-strategy
equilibria, but the intermediate regions may not. Specifically, they appear to
fail to support pure-strategy equilibria when the ratio of honeypots within
the network does not fall close to either 1 or 0. In Section 7 on mechanism
design, we will see that this region plays an important role in the comparison
of network defense - and deceptive interactions in general - with and without
the technology for detecting deception.

Footnote: The values of $\epsilon$ and $\delta$ are constrained by Table 2.
Where the values are not set by the region, we choose them arbitrarily.
Specifically, we choose for $\mathcal{R}_{\text{Weak}}$, $\epsilon = 0$,
$\delta = 0$; for $\mathcal{R}_{\text{Intermediate}}$, $\epsilon = 0.8$,
$\delta = 0.5$; for $\mathcal{R}_{\text{Conservative}}$, $\epsilon = 0.8$,
$\delta = 0$; for $\mathcal{R}_{\text{Aggressive}}$, $\epsilon = 1$,
$\delta = 0.5$; and for $\mathcal{R}_{\text{Omnipotent}}$, $\epsilon = 1.0$,
$\delta = 0$.


7 Mechanism Design for Detecting or Leveraging Deception

In this section, we discuss design considerations for a defender who is
protecting a network of computers using honeypots. In order to do this, we
choose a particular case study, and analyze how the network defender can best
set parameters to achieve his goals. We also discuss the scenario from the
point of view of the attacker. Specifically, we examine how the defender can
set the exogenous properties of the interaction in 1) the case in which
honeypots cannot be detected, and 2) the case in which the attacker has
implemented a method for detecting honeypots. Then, we discuss the difference
between these two situations.


7.1 Attacker Incapable of Honeypot Detection 


First, consider the case in which the attacker does not have the ability to
detect honeypots, i.e. $\mathcal{G}_{\text{honey}}$. The parameters which
determine the attacker and defender utilities are set according to Table 3.
The attacker’s utility as a function of the fraction of normal systems in the
network is given by the red (circular) data points in Fig. 7.1. We can
distinguish two parameter regions. When the proportion of honeypots in the
network is greater than approximately 40% (i.e. p(0) < 60%), the attacker is
completely deterred. Because of the high likelihood that he will encounter a
honeypot if he attacks, he chooses to withdraw from all systems. As the
proportion of normal systems increases after p(0) > 60%, he switches to
attacking all systems. He attacks regardless of the sender’s signal, because
in the pooling equilibrium, the signal does not convey any information about
the type to the receiver. In this domain, as the proportion of normal systems
increases, the expected utility of the attacker increases.

For this case in which the attacker cannot detect honeypots, the defender’s
expected utility as a function of p(0) is given by the red (circular) data
points in Fig. 7.2. We have noted that, in the domain p(0) < 60%, the
attacker always withdraws. In this domain, it is actually beneficial for the
defender to have as close as possible to the transition density of 60% normal
systems, because he gains more utility from normal systems that are not
attacked than from honeypots that are not attacked. But if the defender
increases the proportion of normal systems beyond 60%, he incurs a sudden
drop in utility, because the attacker switches from never attacking to always
attacking. Thus, if the defender has the capability to design his network
with any number of honeypots, he faces an optimization in which he wants
to have as close as possible to 40% of systems be normal.


7.2 Attacker Capable of Honeypot Detection 


Consider now how the network defense is affected if the attacker gains some
ability to detect deception. This game takes the form of the signaling game
with evidence. Recall that, in this form, a chance move has been added after
the sender’s action. The chance move determines whether the receiver observes
evidence that the sender is being deceptive. For Fig. 7.1 and Fig. 7.2, we
have set the detection rates at $\epsilon = 0.8$ and $\delta = 0.5$. These
fall within the attacker capability range $\mathcal{R}_{\text{Intermediate}}$.
Observing evidence does not guarantee deception; neither does a lack of
evidence guarantee truth-revelation.

In the blue (cross) data points in Fig. 7.1, we see that, at the extremes of
p(0), the utility of the attacker is unaffected by the ability to detect
deception according to probabilities $\epsilon$ and $\delta$. The low ranges
of p(0), as described in Table 4, correspond to the honeypot-saturated region.
In this region, honeypots predominate to such an extent that the attacker is
completely deterred from attacking. Note that, compared to the data points for
the case without deception detection, the minimum proportion of honeypots
which incentivizes the attacker to uniformly withdraw has increased. Thus, for
instance, a p(0) of approximately 0.50 incentivizes an attacker without
deception detection capabilities to withdraw from all systems, but does not
incentivize an attacker with deception detection capabilities to withdraw. At
p(0) = 0.50, the advent of honeypot-detection abilities causes the defender’s
utility to drop from 0.5 to approximately -2. At the other end of the p(0)
axis, we see that a high-enough p(0) causes the utilities to again be
unaffected by the ability to detect deception. This is because the proportion
of normal systems is so high that the receiver’s best strategy is to attack
constantly (regardless of whether he observes evidence for deception).

Footnote: At this limit, the defender’s utility has a jump, but the attacker’s
does not. It costs very little extra for the attacker to switch to always
attacking as p(0) approaches the transition density. Therefore, the defender
should be wary of a “malicious” attacker who might decide to incur a small
extra utility cost in order to inflict a large utility cost on the defender.
A more complete analysis of this idea could be pursued with multiple types of
attackers.

Figure 7.1: Expected utility for the attacker in the game
$\mathcal{G}_{\text{honey}}$ and in the signaling game with evidence, as a
function of the fraction p(0) of normal systems in the network.

[Plot for Figure 7.2. Vertical axis: Defender Expected Utility. Horizontal
axis: Proportion of Normal Systems. Series: Without Evidence, With Evidence,
With Strong Evidence.]

Figure 7.2: Expected utility for the defender in the game
$\mathcal{G}_{\text{honey}}$ and in the signaling game with evidence, as a
function of the fraction p(0) of normal systems in the network.

In the middle (non-saturated) region of p(0), the attacker’s strategy is no
longer to solely attack or solely withdraw. This causes the “cutting the
corner” behavior of the attacker’s utility in Fig. 7.1. This conditional
strategy also induces the middle region for the defender’s utility in
Fig. 7.2. Intuitively, we might expect that the attacker’s ability to detect
deception could only decrease the defender’s utility. But the middle
(non-saturated) range of p(0) shows that this is not the case. Indeed from
approximately p(0) = 0.6 to p(0) = 0.7, the defender actually benefits from
the attacker’s ability to detect deception! The attacker, himself, always
benefits from the ability to detect deception. Thus, there is an interesting
region of p(0) for which the ability of the attacker to detect deception
results in a mutual benefit.

Finally, we can examine the effect of evidence as it becomes more powerful in
the green (triangle) points in Fig. 7.1 and Fig. 7.2. These equilibria were
obtained for $\epsilon = 0.9$ and $\delta = 0.3$. This more powerful detection
capability broadens the middle parameter domain in which the attacker bases
his strategy partly upon evidence. Indeed, in the omnipotent detector case,
the plots for both attacker and defender consist of straight lines from their
utilities at p(0) = 0 to their utilities at p(0) = 1. Because the attacker with
omnipotent detector is able to discern the type of the system completely, his
utility grows in proportion with the proportion of normal systems, which he
uniformly attacks. He withdraws uniformly from honeypots.
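The receiver-side computation behind the comparison in Sections 7.1 and 7.2, as an added Python example that is not the paper's equilibrium solver: it applies Bayes' rule with $\epsilon$ and $\delta$ and the Table 3 payoffs to decide when the attacker attacks or withdraws. Assumptions: the defender pools on the message "normal" for both types, an unattacked honeypot pays the defender 0, and all function names are illustrative.

```python
"""Attacker (receiver) best response in the honeypot signaling game with evidence.

Added illustration, not the paper's equilibrium solver. Assumption: the defender
pools on the message "normal" (n = 0) whatever the true type m is.
"""

# Payoffs from Table 3.
ATTACK_NORMAL = 15.0      # v_a - c_a: attacker compromises a normal system
ATTACK_HONEYPOT = -22.0   # -c_o - c_a: attacker is observed attacking a honeypot
DEF_NORMAL_SAFE = 1.0     # v_g: normal system survives
DEF_NORMAL_HIT = -10.0    # -c_c: normal system compromised
DEF_HONEYPOT_HIT = 5.0    # v_o: defender observes an attack on a honeypot
DEF_HONEYPOT_IDLE = 0.0   # assumption: Table 3 lists no payoff for an unattacked honeypot


def evidence_prob(e, m, n, eps, delta):
    """lambda(e | m, n): evidence fires w.p. eps on a lie (m != n), delta otherwise."""
    p_fire = eps if m != n else delta
    return p_fire if e == 1 else 1.0 - p_fire


def posterior_normal(p0, e, eps, delta, n=0):
    """Bayes posterior that the system is normal (m = 0) given message n and evidence e."""
    w_normal = p0 * evidence_prob(e, 0, n, eps, delta)
    w_honeypot = (1.0 - p0) * evidence_prob(e, 1, n, eps, delta)
    total = w_normal + w_honeypot
    return p0 if total == 0 else w_normal / total  # unreachable evidence: keep the prior


def best_response(p0, eps, delta):
    """Return {evidence: 'attack' | 'withdraw'}; withdrawing pays 0 and wins ties."""
    plan = {}
    for e in (0, 1):
        mu = posterior_normal(p0, e, eps, delta)
        gain = mu * ATTACK_NORMAL + (1.0 - mu) * ATTACK_HONEYPOT
        plan[e] = "attack" if gain > 0 else "withdraw"
    return plan


def defender_utility(p0, eps, delta):
    """Defender's expected payoff when the attacker plays best_response()."""
    plan = best_response(p0, eps, delta)
    rows = ((0, p0, DEF_NORMAL_HIT, DEF_NORMAL_SAFE),
            (1, 1.0 - p0, DEF_HONEYPOT_HIT, DEF_HONEYPOT_IDLE))
    total = 0.0
    for m, prior, hit, spared in rows:
        for e in (0, 1):
            p_e = evidence_prob(e, m, 0, eps, delta)
            total += prior * p_e * (hit if plan[e] == "attack" else spared)
    return total


if __name__ == "__main__":
    # (epsilon, delta) pairs quoted in the text and its footnote.
    detectors = (("weak", 0.0, 0.0), ("intermediate", 0.8, 0.5),
                 ("strong", 0.9, 0.3), ("omnipotent", 1.0, 0.0))
    for label, eps, delta in detectors:
        for p0 in (0.2, 0.5, 0.65, 0.9):
            print(f"{label:12s} p(0)={p0:.2f} {best_response(p0, eps, delta)} "
                  f"defender={defender_utility(p0, eps, delta):+.3f}")
```

Under these assumptions the attacker without evidence switches from withdrawing to attacking at p(0) = 22/37 (about 0.59), and at p(0) = 0.5 with $\epsilon = 0.8$, $\delta = 0.5$ the defender's expected utility is -1.75.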


8 Related Work 

Deception has become a critical research area, and several works have studied
problems similar to ours. Alcan et al. jlS] discuss how to combine sensing
technologies within a network with game theory in order to design intrusion
detection systems. They study two models. The first is a cooperative game,
in which the contribution of different sensors towards detecting an intrusion
determines the coalitions of sensors whose threat values will be used in
computing the threat level. In the second model, they include the attacker, who
determines which subsystems to attack. This model is a dynamic (imperfect)
information game, meaning that as moves place the game in various information
sets, players learn about the history of moves. Unlike our model, it
is a complete information game, meaning that both players know the utility
functions of the other player.

Farhang et al. study a multiple-period, information-asymmetric
attacker-defender game involving deception [T3]. In their model, the sender
type - benign or malicious - is known only with an initial probability to the
receiver, and that probability is updated in a Bayesian manner during the
course of multiple interactions. In [15], Zhuang et al. study deception in
multiple-period signaling games, but their paper also involves
resource-allocation. The paper has interesting insights into the advantage to
a defender of maintaining secrecy. Similar to our work, they consider an
example of defensive use of deception. In both [14] and [15], however, players
update beliefs only through repeated interactions, whereas one of the players
in our model incorporates a mechanism for deception detection.

We have drawn most extensively from the work of Carroll and Grosu [12],
who study the strategic use of honeypots for network defense in a signaling
game. The parameters of our attacker and defender utilities come from [12],
and the basic structure of our signaling game is adapted from that work. In
[12], the type of a particular system is chosen randomly from the distribution
of normal systems and honeypots. Then the sender chooses how to describe
the system (as a normal system or as a honeypot), which may be truthful or
deceptive. For the receiver’s move, he may choose to attack, to withdraw,
or to condition his attack on testing the system. In this way, honeypot
detection is included in the model. Honeypot detection adds a cost to the
attacker regardless of whether the system being tested is a normal system or
a honeypot, but mitigates the cost of an attack being observed in the case
that the system is a honeypot. In our paper, we enrich the representation of
honeypot testing by making its effect on utility endogenous. We model the
outcome of this testing as an additional move by nature after the sender’s
move. This models detection as a technique which may not always succeed, and
to which both the sender and receiver can adapt their equilibrium strategies.




9 Discussion 


In this paper, we have investigated the ways in which the outcomes of a
strategic, deceptive interaction are affected by the advent of
deception-detecting technology. We have studied this problem using a version
of a signaling game in which deception may be detected with some probability.
We have modeled the detection of deception as a chance move that occurs after
the sender selects a message based on the type that he observes. For the cases
in which evidence is trivial or omnipotent, we have given the analytical
equilibrium outcome, and for cases in which evidence has partial power, we
have presented numerical results. Throughout the paper, we have used the
example of honeypot implementation in network defense. In this context, the
technology of detecting honeypots has played the role of a malicious use of
anti-deception. This has served as a general example to show how equilibrium
utilities and strategies can change in games involving deception when
the agent being deceived gains some detection ability.

Our first contribution is the model we have presented for signaling games
with deception detection. We also show how special cases of this model
cause the game to degenerate into a traditional signaling game or into a
complete information game. Our model is quite general, and could easily
be applied to strategic interactions in interpersonal deception such as border
control, international negotiation, advertising and sales, and suspect
interviewing. Our second contribution is the numerical demonstration showing
that pure-strategy equilibria are not supported under this model when the
distribution of types is in a middle range but are supported when the
distribution is close to either extreme. Finally, we show that it is possible
that the ability of a receiver to detect deception could actually increase the
utility of a possibly-deceptive sender. These results have concrete
implications for network defense through honeypot deployment. More
importantly, they are also general enough to apply to the large and critical
body of strategic interactions that involve deception.